package org.domeos.framework.shiro.filter;

import java.net.InetAddress;
import java.net.URLDecoder;
import java.net.UnknownHostException;

import javax.servlet.Filter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticationFilter;
import org.domeos.basemodel.ResultStat;
import org.domeos.framework.api.consolemodel.auth.UserPassword;
import org.domeos.framework.api.controller.exception.ApiException;
import org.domeos.framework.api.model.auth.related.LoginType;
import org.domeos.framework.shiro.token.MultiAuthenticationToken;

import com.gome.idcenter.util.tool.ObjectJsonTranslator;
import com.gome.idcenter.util.vo.CookieVo;

public class LoginFilter extends AuthenticationFilter implements Filter{
	@Override
	protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse response) throws Exception {
		HttpServletRequest request = (HttpServletRequest) servletRequest;
		Subject subject = SecurityUtils.getSubject();
		if (subject.getPrincipals() == null) {
			Cookie[] cookies = request.getCookies();
			if (cookies == null) {
			}
			String cookieName = "IDCENTER";
			for (Cookie cookie : cookies) {
				if (cookie.getName().equals(cookieName)) {
					if (cookie.getValue() != null) {
						String cookieVoJsonEncrypt = null;
						try {
							// 判断用户是否登录
							cookieVoJsonEncrypt  = URLDecoder.decode(cookie.getValue(), "UTF-8");
							CookieVo cookieVo = ObjectJsonTranslator.fromString(cookieVoJsonEncrypt, CookieVo.class);
							UserPassword userPass = new UserPassword(cookieVo.getName(), "11111111", LoginType.USER);
							UsernamePasswordToken token = new MultiAuthenticationToken(userPass.getUsername(),userPass.getPassword(), userPass.getLoginType());
							token.setRememberMe(false);
							InetAddress inet = null;
							try {
								inet = InetAddress.getLocalHost();
							} catch (UnknownHostException e) {
								throw ApiException.wrapUnknownException(e);
							}
							String host = inet.getHostAddress();
							token.setHost(host);
							try {
								subject.login(token);
							} catch (UnknownAccountException e) {
								throw ApiException.wrapMessage(ResultStat.USER_NOT_AUTHORIZED, "username wrong");
							} catch (IncorrectCredentialsException e) {
								throw ApiException.wrapMessage(ResultStat.USER_NOT_AUTHORIZED, "password wrong");
							} catch (ExcessiveAttemptsException e) {
								throw ApiException.wrapMessage(ResultStat.USER_NOT_AUTHORIZED, "login wrong too many times");
							} catch (AuthenticationException e) {
								throw ApiException.wrapUnknownException(e);
							}
						} catch (Exception e) {
							throw ApiException.wrapUnknownException(e);
						}
					}
					break;
				}
			}
		}
		return subject.isAuthenticated();
	}
}
